A Survey on Data-driven Network Intrusion Detection

Cited by: 89
Authors
Chou, Dylan [1]
Jiang, Meng [2]
Affiliations
[1] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
[2] Univ Notre Dame, Notre Dame, IN 46556 USA
Keywords
Network intrusion detection; data mining; machine learning; DEEP LEARNING APPROACH; FEATURE-SELECTION; DETECTION SYSTEM; ANOMALY DETECTION; NEURAL-NETWORKS; DATA STREAMS; ROUGH SET; ALGORITHM; ENSEMBLE; DIMENSIONALITY
DOI
10.1145/3472753
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
Data-driven network intrusion detection (NID) has a tendency towards minority attack classes compared to normal traffic. Many datasets are collected in simulated environments rather than real-world networks. These challenges undermine the performance of intrusion detection machine learning models by fitting machine learning models to unrepresentative "sandbox" datasets. This survey presents a taxonomy with eight main challenges and explores common datasets from 1999 to 2020. Trends are analyzed on the challenges in the past decade and future directions are proposed on expanding NID into cloud-based environments, devising scalable models for large network data, and creating labeled datasets collected in real-world networks.
Pages: 36